JP2008262293A - Shared file access management method, system and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To improve convenience for access to a URL reference destination when a recipient of a mail attached with a URL forwards the mail to a third party without impairing security against information leakage. Provide technology.
In a shared file access management method in a shared file access management system for managing access to a shared file, a shared file access authority granting condition indicating an access authority granting condition for a shared file accessed by a URL in an email Is stored in the storage device, and when the mail is transferred, the processing device reads the shared file access authority grant condition of the shared file accessed by the URL in the mail from the storage device, and the destination at the time of the transfer of the mail Is a user corresponding to the read shared file access authority granting condition, the access authority to the shared file is given to the user.
[Selection] Figure 1

Description

  The present invention relates to a shared file access management technique for managing access to a shared file in a file sharing system in which information leakage prevention measures are taken.

  As a conventional technique, there is a system that prohibits file attachment to an e-mail to prevent information leakage, and instead attaches a URL (Uniform Resource Locator) of a file stored in the file sharing system to the e-mail to control access. (For example, refer to Patent Document 1). The same applies when a URL to a web page is attached to an email. This is a system that grants an access right to a user's shared file or web page specified as the mail destination by giving an access right to the file or web page indicated by the URL when sending the mail.

JP 2004-102760 A

  In the above prior art, when the mail recipient forwards the mail to a third party, the problem that the access right to the destination is not granted and the intention of the sender when the receiver grants the access right are related. Since the setting is possible without any change, the setting may be performed for a user who should not be given access rights, and there is a problem that the security is lowered.

  In the technique described in Patent Document 1, security is ensured when the access right is given to the mail destination. However, since it is impossible to know a third party to be transferred in advance, the access right is given to the transferred mail. To set up, you need to add another system. In addition, in the conventional method of attaching a file to an e-mail, it is possible for everyone to access the attached file. Therefore, if the e-mail recipient forwards the e-mail to a third party, the third is not related to the sender's intention. There was a concern that some people would refer to the attached file.

  The object of the present invention is to solve the above-mentioned problems, to reduce the convenience for accessing the URL reference destination when the recipient of the email with the URL attached forwards the email to a third party, and the security against information leakage. It is to provide a technique that can be improved without any problems.

  The present invention relates to a shared file access management system that manages access to a shared file, and to a shared file that is accessed by a URL in the mail when the mail destination user meets the conditions for granting the shared file access authority. The access right is granted.

  In the shared file access management system of the present invention, when a mail containing a URL to the shared file is transmitted, the shared file access authority granting condition indicating the access authority granting condition for the shared file accessed by the URL is set to the mail. And the mail is stored in the mail authority control table in the storage device, and then the mail is sent to the destination.

  In the shared file access management system of the present invention, when the recipient who has received the mail transfers the mail, the shared file access authority grant condition of the shared file accessed by the URL in the mail is read from the storage device, When the destination at the time of transferring the mail is a user corresponding to the read shared file access authority granting condition, a process of giving the user access authority to the shared file is performed.

  According to the present invention, even if a mail attached with a file URL of the file sharing system is forwarded without being processed, the recipient of the forwarded mail can access the file, which is convenient for accessing the URL reference destination. Has the effect of improving the performance. In addition, since the file sharing system file is not accessed beyond the range intended by the mail sender, there is an effect that security against information leakage or the like in mail transfer is not impaired.

(Embodiment 1)
Set the shared file access authority granting condition when sending an email with the URL of the file sharing system attached below, and the recipient user according to the shared file access authority granting condition when the mail recipient transfers the file A shared file access management system according to the first embodiment that grants access authority to the system will be described.

  FIG. 1 is a diagram showing the configuration of the shared file access management system of this embodiment. The shared file access management system according to the present embodiment includes a transmission mail server 200, a reception mail server 210, a file sharing server 300, a user information storage server 400, a client 100, a client 110, a client 120, and a client 130 connected via a network 270. It has been realized.

  The outgoing mail server 200 includes a main storage device 201, an outgoing mail management unit 202, a CPU (Central Processing Unit) 203, and a NIC (Network Interface Card) 204. The received mail server 210 includes a main storage device 220, a received mail management unit 221, a CPU 222, a NIC 223, a mail control DB 240, a mail authority control table 250, and a mail DB 260. The file sharing server 300 includes a main storage device 310, a file sharing management unit 311, a CPU 312, a NIC 313, a file sharing control DB 320 in which an attached file control table 330 and an access user history table 340 are stored, and a file sharing DB 350.

  The user information storage server 400 includes a main storage device 410, a user information management unit 411, a CPU 412, a NIC 413, a user information DB 420, and a user information table 430. The client 100 includes a main storage device 101, a file information processing unit 102, a CPU 103, a NIC 104, an input device 105, and a display device 106. The client 110 includes a main storage device 111, a file information processing unit 112, a CPU 113, a NIC 114, and an input. The device 115 and the display device 116 exist, the main storage device 121, the file information processing unit 122, the CPU 123, the NIC 124, the input device 125, and the display device 126 exist in the client 120, and the main storage device 131 and the file exist in the client 130. There are an information processing unit 132, a CPU 133, a NIC 134, an input device 135, and a display device 136.

  In the present embodiment, a program for causing a computer to function as the processing unit is recorded on a recording medium such as a CD-ROM and stored in a magnetic disk, and then loaded into a memory and executed. The recording medium for recording the program may be a recording medium other than the CD-ROM. Further, the program may be used by installing it from a recording medium in a computer, or the program may be used by accessing the recording medium through a network.

  FIG. 2 is a diagram showing an access path when a URL or path in a mail having a URL to an attached file according to the present embodiment is clicked. A mail 261 having a URL to an attached file has a URL 262 to the attached file and a path 263 to the authority setting reference screen. The file sharing DB 350 includes an attached file 351 and an attached file 353, and the received mail management unit 221 in the received mail server 210 has an authority setting reference screen A221.

  Using FIG. 1 and FIG. 2, description will be given of granting access rights to the attached file 351 when a mail having the URL of the attached file 351 is sent from the client 100 to the client 120. The attached file indicates a file indicated by a URL attached to an email, and the same applies to the following description.

  When the client 100 transmits a mail having a URL to the attached file 351 to the outgoing mail server 200, the client 100 can input a shared file authority grant condition for the attached file 351. This condition is stored in the mail authority control table 250 when it is sent to the receiving mail server 210 through the network 270.

  The mail transmitted to the outgoing mail server 200 is sent to the incoming mail server 210 through the network 270 and is received by the client 120. At this time, the recipient of the mail using the client 120 can access the attached file 351 in the file sharing DB 350 through the file sharing management unit 311 by clicking the URL 262 to the attached file, and the authority setting reference screen By clicking the path 263, the setting of the mail authority control table 250 can be referred to through the authority setting reference screen A221.

  When the mail recipient transfers the received mail 261 to a third party, the shared file authority grant condition existing in the mail authority control table 250 is transferred together with the mail. The shared file authority granting condition is sent to the receiving mail server at the transfer destination via the network 270 as in the case of sending the mail having the URL to the attached file 351, and is stored in the mail authority control table in the receiving mail server at the transfer destination. Stored.

  FIG. 3 is a diagram showing an example of the user information table 430 for specifying the user of this embodiment. The user information table 430 includes a user ID 431, a user name 432, an affiliation 433, a job title 434, a hire year 435, a telephone number 436, an e-mail address 437, and a responsible product 438.

  FIG. 4 is a diagram showing an example of the attached file control table 330 for controlling the access right of the attached file according to the present embodiment. The attached file control table 330 includes a file ID 331, a file path 332, a date and time 333 when the attached file is stored in the file sharing system, and an access user history table ID 334.

  FIG. 5 is a diagram showing an example of an access user history table 340 for storing users who have accessed the attached file 351 of this embodiment. The access user history table 340 includes an access user history table ID 341, an access right user ID 342, and an access date / time 343.

  FIG. 6 is a diagram showing an example of a mail authority control table 250 for storing conditions for granting authority for attached files according to the present embodiment. The mail authority control table 250 includes a file ID 251, a receiving user ID 252, and an access right granting condition 253.

  FIG. 7 is a flowchart showing a processing procedure of processing for transmitting a mail having a URL to the attached file 351 of the present embodiment. When the system detects that the e-mail transmission button is pressed (step 900), the user is confirmed whether to set the access authority to the attached file 351 (step 901).

  When setting the authority, the shared file access authority grant condition input by the operation on the authority grant condition setting screen (step 902) is transmitted together with the mail (step 903). If the shared file access authority granting condition is not set, the mail is transmitted without operating the authority granting condition setting screen (step 903). After the incoming mail server 210 receives the mail (step 904), it is checked whether or not the shared file access authority granting condition is set (step 905). Set in the control table (step 906).

  FIG. 8 is a flowchart showing a processing procedure of a process in which a recipient of a mail having a URL to an attached file in this embodiment refers to the authority setting of the attached file. When the URL to the authority setting reference screen in the received mail is clicked (step 910), the system inquires the user's access right to the received mail management unit 221 in the received mail server 210 (step 911), and the attached file is sent to the recipient. It is confirmed whether or not there is an access right to (step 912).

  If there is no access right to the attached file, a message indicating that the screen cannot be displayed because there is no access right to the attached file is displayed (step 913). If there is an access right for the attached file, the user information corresponding to the shared file access authority granting condition is retrieved and acquired from the user information table 430 (step 914), and the authority setting reference screen is obtained based on the information. A221 is displayed (step 915). At this time, by referring to the access user history table 340 in the file sharing server 300 and the mail transmission history of the transmission mail server at the same time, the user who has exercised authority may be displayed on the authority setting reference screen A221.

  FIG. 9 is a flowchart showing a processing procedure of a process in which a mail recipient having a URL to the attached file 351 of the present embodiment transfers the mail. When the system detects that the mail transmission button has been pressed (step 920), authorization processing is performed (step 922), and when authorization is completed, an email is transmitted (step 924).

  As shown in FIG. 9, it may be confirmed to the user whether or not the access right may be given to the destination (step 921). If not given, the mail is sent as it is (step 924). When granting, authority grant processing is performed (step 922), and the return value of the privilege grant processing is confirmed (step 923). When the authorization is completed, an email is transmitted (step 924).

  FIG. 10 is a diagram showing details of the authority grant processing 922 of the present embodiment. First, it is determined whether the destination is a user corresponding to the shared file access authority grant condition in the mail authority control table 250 (step 931). This determination is repeated while there is an undetermined destination (step 930).

  If the destination is not a user corresponding to the shared file access authority granting condition, the user is deleted from the destination (step 932). If the destination is a user corresponding to the shared file access authority granting condition, the shared file is sent to the user. After granting access authority to, determine the next destination. When transmission is made after the determination is completed, the value of authorization grant completion is returned.

  As shown in FIG. 10, a confirmation to the user may be added after the access right determination (step 931) ends. After the access right determination (step 931) ends, it is checked whether there is a user deleted from the destination. (Step 933) When the deleted user does not exist, the value of the authorization grant completion is returned.

  On the other hand, if there is a deleted user, the user is displayed (step 934), and it is confirmed whether or not to send a mail to the forwarding user (step 935). At this time, if transmission is to be stopped, a value for which the authorization process has not been completed is returned, and if transmission is to be performed, a value for completion of the authorization process is returned.

  Further, in the present embodiment, the destination to which the access right cannot be granted is deleted. However, since the user who has not been granted the access right cannot access the attached file 351 by clicking the URL to the attached file 351, the destination is It is not necessary to delete. In that case, the transfer user is notified that there is a destination to which access right cannot be granted, and it is confirmed whether or not to send the mail (step 935).

  FIG. 11 is a diagram showing an example of a screen for setting a shared file access authority grant condition according to this embodiment. FIG. 11 shows a screen for setting a shared file access authority grant condition for the attached file 351 when a mail having the URL of the attached file 351 is transmitted in the present embodiment. This can be referred to on the display device 106 of the client 100 that is a mail transmission user.

  The condition selection item 314 or the direct selection item 315 is used to select a shared file access authority grant condition. Thereafter, by pressing a setting button 317, the shared file access authority grant condition is displayed in the current authority grant condition 316. When the “reflect settings” button 318 is pressed in this state, a shared file access authority grant condition is transmitted to the transmission mail server 200 together with the mail. This shared file access authority grant condition is stored in the mail authority control table 250 in the reception mail server 210.

  FIG. 12 is a diagram illustrating an example of the authority setting reference screen according to the present embodiment. FIG. 12 shows an authority setting reference screen that can be accessed by clicking the path 263 to the authority setting reference screen when a mail having the URL of the attached file 351 is received in the present embodiment. This can be referred to on the display device 126 of the client 120 that is a mail receiving user.

  The authority setting reference screen is composed of an authority granting condition list 224 and an authority user list 227, and the authority granting condition list 224 includes items of an access right 225. The authority user list 227 includes a name 228, an affiliation 229, and an access right 230. It consists of items. A user search function may be added when the number of users displayed in the authorized user list 227 increases.

  In this embodiment, the access right is given at the time of mail transfer, but when the user clicks the URL 262 to the attached file, it may be determined whether or not the clicked user can access. The mode is shown in FIG. The difference from FIG. 2 is that the file share management unit 311 accesses the mail authority control table 250 in the mail control DB. In this case, FIG. 22 shows a processing method when the URL 262 to the attached file is clicked. When the user clicks the attached file (step 940), the file sharing management unit 311 accesses the mail authority control table 250 in the mail control DB 240 in the received mail server 210, and determines whether the clicked user has access right. (Step 941). If there is an access right, the attached file 351 in the file sharing DB 350 is acquired (step 944), and then the access user history table 340 is accessed with an access user history table ID 341 corresponding to the accessed file ID 331, an access user ID 342, and an access date and time. 343 is added (step 945). If there is no access right to the attached file, a message indicating that there is no access right is displayed (step 943), and the access process is terminated.

  By configuring the system as described above, it is possible to improve the convenience for accessing the URL reference destination when the mail recipient forwards the mail to a third party without impairing the security against information leakage. Can be provided.

  As described above, according to the shared file access management system of the present embodiment, when the mail destination user satisfies the shared file access authority granting condition, the shared file access management system according to the present embodiment can access the shared file accessed by the URL in the mail. Since the access authority is given, the convenience of accessing the URL reference destination when the mail recipient attached with the URL forwards the mail to a third party is improved without degrading the security against information leakage. It is possible.

(Embodiment 2)
Hereinafter, a shared file access management system according to a second embodiment in which an access authority is additionally given to a transfer destination user when a mail recipient transfers a file will be described.

  FIG. 13 is a diagram showing the configuration of the shared file access management system of this embodiment. The shared file access management system according to the present embodiment includes a transmission mail server 200, a reception mail server 210, a file sharing server 300, a user information storage server 400, a client 100, a client 110, a client 120, and a client 130 connected via a network 270. It has been realized.

  The received mail server includes a main storage device 220, a received mail control unit 221, a CPU 222, a NIC 223, and a mail DB 260. The file sharing server 300 includes a main storage device 310, a file sharing management unit 311, a CPU 312, a NIC 313, a file sharing control DB 320, an attached file control table 330, an access right acquisition user list table 360, and a file sharing DB 350. The difference from the first embodiment is that the mail control DB 240, the mail authority control table 250, and the access user history table 340 do not exist, and the access right acquisition user list table 360 exists.

  In the present embodiment, a program for causing a computer to function as the processing unit is recorded on a recording medium such as a CD-ROM and stored in a magnetic disk, and then loaded into a memory and executed. The recording medium for recording the program may be a recording medium other than the CD-ROM. Further, the program may be used by installing it from a recording medium in a computer, or the program may be used by accessing the recording medium through a network.

  FIG. 14 is a diagram showing an access path when a URL or path in a mail having a URL 262 to the attached file of this embodiment is clicked. A mail 261 having a URL to an attached file has a URL 262 to the attached file and a path 263 to the authority setting reference screen. The main storage device 310 in the file sharing DB 350 includes an authority setting reference screen A 311, and the file sharing DB 350 includes an attached file 351, an authority setting file 352, an attached file 353, and an authority setting file 354. The difference from the first embodiment is that the access destination from the path 263 to the authority setting reference screen is not the authority setting reference screen A 211 in the received mail server 210 but the authority setting reference screen A 311 in the file sharing server 300. is there.

  Using FIG. 13 and FIG. 14, description will be given of granting access rights to the attached file 351 when a mail having the URL of the attached file 351 is sent from the client 100 to the client 120.

  When the client 100 transmits a mail having a URL to the attached file 351 to the outgoing mail server 200, the client 100 can input a shared file authority grant condition for the attached file 351. This shared file authority grant condition is stored in the authority setting file 352 by the file sharing manager 311 when mail is transmitted.

  The mail transmitted to the outgoing mail server 200 is sent to the incoming mail server 210 through the network 270 and is received by the client 120. At this time, the mail recipient who uses the client 120 can access the attached file 351 in the file sharing server 300 through the file sharing management unit 311 by clicking the URL 262 to the attached file, and refer to the authority setting. By clicking the path 263 to the screen, the setting of the authority setting file 352 can be referred to through the authority setting reference screen A311.

  When the received mail is transferred to a third party, the shared file access authority granting condition in the authority setting file 352, the user ID in the access authority acquisition user list table 360, the user ID in the access authority acquisition user list table 360 The user information in the user information table 430 is checked, and only the user who matches the shared file access authority granting condition in the attached file 351 is given authority.

  In the present embodiment, the authority setting file 352 can be changed even after the mail having the URL to the attached file 351 is transmitted. In that case, it can be realized by creating a link to the authority setting condition setting screen 106 in the authority setting reference screen A 311 and accessing the authority setting file 352 through the authority setting condition setting screen 106.

  FIG. 15 is a diagram showing an example of an attached file control table 330 for controlling the access right of the attached file according to the present embodiment. The attached file control table 330 includes a file ID 331, a file path 332, a date and time 333 when the attached file is stored in the file sharing system, and an access right acquisition user list table ID 334.

  FIG. 16 is a diagram showing an example of the access right acquisition user list table 360 for storing the users who have acquired the access right according to the present embodiment. The access right acquisition user list table 360 includes an access right acquisition user list table ID 361, an access right acquisition user ID 362, and an access right acquisition date 363.

  FIG. 17 is a flowchart illustrating a processing procedure of processing for transmitting a mail having a URL to an attached file according to the present embodiment. When the system detects that the e-mail transmission button is pressed (step 900), the user is confirmed whether to set the access authority to the attached file (step 901).

  When setting the access authority, the system sets the authority in the authority setting file 352 by operating the authority grant condition setting screen 106 (step 902) (step 907). After setting the authority (step 907), the mail is transmitted to the outgoing mail server 200 (step 908). If it is selected that the file access authority is not set when it is confirmed (step 901), the mail is transmitted as it is (step 908).

  FIG. 18 is a flowchart showing a processing procedure of processing in which a recipient of a mail having a URL to an attached file in this embodiment refers to the authority setting of the attached file. When there is access to the path 263 to the authority setting reference screen in the received mail (step 910), the system makes an inquiry about the access right to the file sharing management unit 311 of the file sharing server (step 917).

  Confirming whether the recipient has access rights to the attached file (step 912), and if there is no access right to the attached file, displays a message that the screen cannot be displayed because there is no access right to the attached file (Step 913). If there is an access right for the attached file, the user information corresponding to the shared file access authority grant condition is retrieved from the user information table and acquired (step 914). Further, information on users having access rights is acquired from the access right acquisition user list table 360 (step 918), and an authority setting reference screen A311 is displayed based on those information (step 916).

  FIG. 19 is a flowchart showing a processing procedure of processing in which a mail recipient having a URL to the attached file 351 of the present embodiment forwards the mail. When it is detected that the mail transmission button has been pressed (step 920), authorization processing is performed (step 925). When authorization is completed, an email is transmitted (step 924).

  As shown in FIG. 19, it may be confirmed to the user whether or not the access right may be given to the destination (step 921). If not given, the mail is sent as it is (step 924). When granting, authority grant processing is performed (step 925), and the return value of the authority grant processing is confirmed (step 923). When the authorization is completed, an email is transmitted (step 924).

  FIG. 20 is a diagram showing details of the authority grant processing 925 of the present embodiment. First, it is determined whether or not the destination is a user corresponding to the shared file access authority granting condition (step 941). This determination is repeated while there is an undetermined destination (step 930).

  If the destination is not a user corresponding to the shared file access authority granting condition, the user is deleted from the destination (step 932), and if the destination is a user corresponding to the shared file access authority granting condition, the next destination is determined. To do. After completion of the determination, the corresponding user ID is added to the access right acquisition user list table 360 (step 936), and the value of the authority grant process completion is returned.

  As shown in FIG. 20, confirmation to the user may be added after the access right determination (step 941) is completed. After completion of the determination (step 941), it is checked whether there is a user deleted from the destination (step 933). If there is no user deleted, the corresponding user ID is added to each user list table. (Step 936), the value of authority grant processing completion is returned.

  On the other hand, if there is a deleted user, the user is displayed (step 934), and it is confirmed whether or not to send a mail to the forwarding user (step 935). At this time, if transmission is to be canceled, a value indicating that the authorization process has not been completed is returned, and if transmission is to be performed, the corresponding user ID is added to the access right acquisition user list table 360 (step 936). Returns the value. Here, it is assumed that the mail transfer person instructs to add a user ID to the access right acquisition user list table 360 only for a user who may be given access authority.

  Further, in the present embodiment, the destination to which the access right cannot be granted is deleted. However, since the user who has not been granted the access right cannot access the attached file 351 by clicking the URL to the attached file 351, the destination is It is not necessary to delete. In that case, the transfer user is notified that there is a destination to which access right cannot be granted, and it is confirmed whether or not to send the mail (step 935).

  By configuring the system as described above, it is possible to improve the convenience for accessing the URL reference destination when the mail recipient forwards the mail to a third party without impairing the security against information leakage. Can be provided. In the present embodiment, the shared file access authority grant condition can be changed even after mail transmission.

  As described above, according to the shared file access management system of the present embodiment, when the mail destination user satisfies the shared file access authority granting condition, the shared file access management system according to the present embodiment can access the shared file accessed by the URL in the mail. Since the access authority is given, the convenience of accessing the URL reference destination when the mail recipient attached with the URL forwards the mail to a third party is improved without degrading the security against information leakage. It is possible.

It is a figure which shows the structure of the shared file access management system of Embodiment 1. FIG. It is a figure which shows the access path | route when URL and the path | pass in the mail which have URL to the attachment file of Embodiment 1 are clicked. It is a figure which shows an example of the user information table 430 for identifying the user of Embodiment 1. FIG. It is a figure which shows an example of the attachment file control table 330 for controlling the access right of the attachment file of Embodiment 1. FIG. It is a figure which shows an example of the access user log | history table 340 for storing the user who accessed the attachment file 351 of Embodiment 1. FIG. It is a figure which shows an example of the mail authority control table 250 for storing the conditions for giving the authority with respect to the attached file of Embodiment 1. FIG. 6 is a flowchart illustrating a processing procedure of processing for transmitting a mail having a URL to an attached file 351 according to the first embodiment. 6 is a flowchart illustrating a processing procedure of a process in which a recipient of a mail having a URL to an attached file according to the first embodiment refers to the authority setting of the attached file. 6 is a flowchart illustrating a processing procedure of a process in which a recipient of a mail having a URL to an attached file 351 according to the first embodiment transfers the mail. FIG. 10 is a diagram illustrating details of authority grant processing 922 according to the first embodiment. It is a figure which shows an example of the screen which sets the shared file access authority provision conditions of Embodiment 1. FIG. 6 is a diagram illustrating an example of an authority setting reference screen according to the first embodiment. FIG. It is a figure which shows the structure of the shared file access management system of Embodiment 2. It is a figure which shows the access path | route when URL and the path | pass in the mail which have URL262 to the attachment file of Embodiment 2 are clicked. It is a figure which shows an example of the attachment file control table 330 for controlling the access right of the attachment file of Embodiment 2. FIG. It is a figure which shows an example of the access right acquisition user list table 360 for storing the user who acquired the access right of Embodiment 2. 10 is a flowchart illustrating a processing procedure of processing for transmitting a mail having a URL to an attached file according to the second embodiment. 10 is a flowchart illustrating a processing procedure of a process in which a recipient of a mail having a URL to an attached file in Embodiment 2 refers to the authority setting of the attached file. 14 is a flowchart illustrating a processing procedure of a process in which a recipient of a mail having a URL to an attached file 351 according to the second embodiment transfers the mail. FIG. 10 is a diagram illustrating details of an authority grant process 925 according to the second embodiment. It is a figure which shows the process which determines an access right at the time of clicking URL262 to the attached file of Embodiment 1. FIG. 6 is a flowchart illustrating a processing procedure of processing for determining an access right when a URL 262 is clicked on an attached file according to the first exemplary embodiment.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 100 ... Client, 101 ... Main memory, 102 ... File information processing part, 103 ... CPU, 104 ... NIC, 105 ... Input device, 106 ... Display device, 110 ... Client, 111 ... Main memory, 112 ... File information processing , 113 ... CPU, 114 ... NIC, 115 ... input device, 116 ... display device, 120 ... client, 121 ... main storage device, 122 ... file information processing unit, 123 ... CPU, 124 ... NIC, 125 ... input device, DESCRIPTION OF SYMBOLS 126 ... Display device, 130 ... Client, 131 ... Main storage device, 132 ... File information processing part, 133 ... CPU, 134 ... NIC, 135 ... Input device, 136 ... Display device, 200 ... Transmission mail server, 201 ... Main memory Device: 202, outgoing mail management unit, 203: CPU, 204: NIC, 210: receiving Mail server, 220 ... main storage device, 221 ... received mail management unit, 222 ... CPU, 223 ... NIC, 240 ... mail control DB, 250 ... mail authority control table, 260 ... mail DB, 270 ... network, 300 ... file sharing Server, 310 ... main storage device, 311 ... file sharing management unit, 312 ... CPU, 313 ... NIC, 320 ... file sharing control DB, 330 ... attached file control table, 340 ... access user history table, 350 ... file sharing DB, 400 ... User information storage server, 410 ... Main storage device, 411 ... User information management unit, 412 ... CPU, 413 ... NIC, 420 ... User information DB, 430 ... User information table, 261 ... Mail, 262 ... To attached file URL, 263 ... Path to authority setting reference screen 351 ... Attached file, 353 ... Attached file, 431 ... User ID, 432 ... User name, 433 ... Affiliation, 434 ... Job title, 435 ... Year of hire, 436 ... Phone number, 437 ... Email address, 438 ... Product in charge, 331 ... File ID, 332 ... File path, 333 ... Date and time, 334 ... Access user history table ID, 341 ... Access user history table ID, 342 ... Access right user ID, 343 ... Access date and time, 251 ... File ID, 252 ... Receiving user ID 253 ... Access right granting conditions, 314 ... Condition selection items, 315 ... Direct selection items, 316 ... Authorizing conditions, 317 ... Setting buttons, 318 ... "Reflect settings" button, 224 ... Authorizing condition list, 225 ... Access Authority, 227 ... Authority user list, 228 ... Name, 229 ... Location 230, access right, 221 ... received mail control unit, 360 ... access right acquisition user list table, 352 ... authority setting file, 354 ... authority setting file, 334 ... access right acquisition user list table ID, 361 ... access right acquisition User list table ID, 362... Access right acquisition user ID, 363.

Claims (5)

In a shared file access management method in a shared file access management system for managing access to a shared file,
The processing device stores a shared file access authority grant condition indicating a condition for granting access authority to the shared file accessed by the URL in the mail, and is accessed by the URL in the mail when the mail is transferred. When the processing device reads the shared file access authority grant condition of the shared file from the storage device, and the destination at the time of forwarding the mail is a user corresponding to the read shared file access authority grant condition, the shared file is sent to the user A shared file access management method characterized by granting access authority to a file.   When the destination at the time of forwarding the email is not a user who meets the conditions for granting the shared file access authority, an instruction indicating whether to send an email to the user is accepted, and the content of the instruction permits the sending of the email 2. The shared file access management method according to claim 1, wherein an access right to the shared file is given to the user.   The shared file access authority grant condition of the shared file accessed by the URL in the mail is read from the storage device, and an authority setting reference screen showing setting contents of the access authority to the shared file is displayed on the display device. The shared file access management method according to claim 1 or 2, wherein: In a shared file access management system that manages access to shared files,
A shared mail access authority granting condition indicating a granting condition of access authority to the shared file accessed by the URL in the mail in the mail authority control table in the storage device, and at the time of forwarding the mail, When the processing device reads the shared file access authority grant condition of the shared file accessed by the URL in the mail from the storage device, and the destination when the mail is transferred is a user corresponding to the read shared file access authority grant condition A shared file access management system comprising: a file information processing unit that grants access authority to the shared file to the user. In a program for causing a computer to execute a shared file access management method in a shared file access management system for managing access to a shared file,
The processing device stores a shared file access authority grant condition indicating a condition for granting access authority to the shared file accessed by the URL in the mail, and is accessed by the URL in the mail when the mail is transferred. When the processing device reads the shared file access authority grant condition of the shared file from the storage device, and the destination at the time of forwarding the mail is a user corresponding to the read shared file access authority grant condition, the shared file is sent to the user A program for causing a computer to execute a process of granting access authority to a computer.

Images